50 matches found
CVE-2021-20268
The CVE-2021-20268 entry is confirmed to affect the Linux kernel eBPF verifier, where an out-of-bounds access via dev_map_init_map or sock_map_alloc could crash the system or enable local privilege escalation. Affected are kernel implementations before fixes in public advisories; mitigation is to...
CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
CVE-2020-8835
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while checking 32-bit instructions in an eBPF program occurs. This flaw allows an unprivileged user or process to execute eBPF programs to crash th...
[ASA-202004-2] linux-hardened: privilege escalation
Arch Linux Security Advisory ASA-202004-2 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-8835 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1120 Summary ======= The package linux-hardened...
Grammarly: Grammarly Keyboard for Android "Authorization Code with PKCE" flow implementation vulnerability that allows account takeover
@tomtenisse identified a vulnerability in Grammarly Keyboard for Android that allowed malicious application installed on the device to guess the PKCE code verifier value and consequently obtain access to OAuth accesstoken grauth cookie. The vulnerability was fixed by moving from PRNG to...
CVE-1999-0440
The byte code verifier component of the Java Virtual Machine JVM allows remote execution through malicious web pages...
CVE-1999-0440
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-1999-0440
The byte code verifier component of the Java Virtual Machine JVM allows remote execution through malicious web pages...